Author: Admin
05 March 2025 | Red Lakshmanan | Open source / Malware
Cybersecurity researchers are warning of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules designed to deploy malware on Linux and Apple macOS systems. “The threat actor has published at least seven packages impersonating widely used Go libraries, including one (GitHub (.) Com/Dlultowmulti/Hypert), which appears – noted in a new report. “These packages share repeated malicious names and consistent obfuscation techniques, which suggests a coordinated threat actor that can pivot quickly.” While all of them continue to be available in the official package repository, their corresponding…
04 March 2025 | Red Lakshmanan | Cybercrime / Threat intelligence
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module to maintain persistent control over infected hosts, a sign that affiliates associated with Black Basta may be moving to CACTUS. “After infiltration, it gives the attackers a wide range of remote control capabilities, allowing them to execute commands on an infected machine,” Trend Micro noted in a Monday analysis. “This allows them to steal sensitive data such as login credentials, financial information and personal files.” It is worth noting that the details…
VMware security flaws exploited in the wild – Broadcom releases urgent patches
04 March 2025 | Red Lakshmanan | Vulnerability / Cloud security
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion that can lead to code execution and information disclosure. The list of vulnerabilities is as follows –
CVE-2025-2224 (CVSS score: 9.3) – A time-of-check time-of-use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with local administrative privileges on a virtual machine can use to execute code as the virtual machine's VMX process running on the host
CVE-2025-2225 (CVSS score: 8.2) – An arbitrary write vulnerability that a malicious actor with privileges within the…
More than 4,000 ISP IPs targeted in brute-force attacks to deploy information stealers and cryptominers
04 March 2025 | Red Lakshmanan | Network security / Ransomware
Internet service providers (ISPs) in China and on the West Coast of the United States have been the target of a massive campaign that deployed information stealers and cryptocurrency miners on compromised hosts. The findings come from the Splunk research group, which states that the activity also led to the delivery of various binaries that facilitate data exfiltration, as well as ways to establish persistence on the systems. The unidentified threat actors conducted “minimum intrusive operations to avoid detection, except for artifacts created in accounts that have…
Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could still get worse with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks, including those frequently performed by attackers.
Stolen credentials: The cybercriminal's weapon of choice in 2024
Stolen credentials were the No. 1 attacker action in 2023/24 and the breach vector for 80% of web application attacks. Not surprising, considering that billions of leaked credentials are in circulation on the Internet, and attackers can pick…
Suspected Iranian hackers used a compromised Indian firm's email to target the UAE aviation sector
04 March 2025 | Red Lakshmanan | Cyber espionage / Malware
Threat hunters are calling attention to a new high-level phishing campaign that targeted “less than five” entities in the United Arab Emirates (UAE) to deliver a previously undocumented Golang backdoor, Sosan. According to Proofpoint, which discovered it in late October 2024, the activity was specifically aimed at aviation and satellite communication organizations. Unk_craftcamel. A notable aspect of the attack chain is that the adversary took advantage of its access to a compromised email account belonging to the Indian electronics company INDIC Electronics to send phishing messages. It is said that the legal…
04 March 2025 | Hacker News | Cyber attack / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five security flaws affecting Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows –
CVE-2013-20118 (CVSS score: 6.5) – A command injection vulnerability in Cisco Small Business RV Series routers that allows an authenticated, remote attacker to gain root-level privileges and access unauthorized data (unlikely due to routers)
CVE-2022-43939 (CVSS score: 8.6) – A vulnerability in Hitachi Vantara Pentaho…
04 March 2025 | Red Lakshmanan | Vulnerability / Mobile security
Google has released its monthly Android Security Bulletin for March 2025, addressing a total of 44 vulnerabilities, including two that it said were actively exploited in the wild. The two high-severity vulnerabilities are listed below –
CVE-2024-43093 – A privilege escalation flaw in the Framework component that can lead to unauthorized access to the “Android/Data”, “Android/OBB” and “Android/Sandbox” directories and their respective subdirectories.
CVE-2024-5022 – A privilege escalation flaw in the HID USB component of the Linux kernel that can lead to a leak of uninitialized kernel memory to a local attacker through specially crafted…
03 March 2025 | Red Lakshmanan | Cloud security / Email security
Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to Palo Alto Networks Unit 42. The cybersecurity company tracks the activity as TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as JavaGhost. TGR-UNK-0011 is known to have been active since 2019. “The group historically focused on defacing websites,” security researcher Margaret Kelly noted. “In 2022, they pivoted to sending phishing emails for financial gain.” It should be…
03 March 2025 | Red Lakshmanan | Ransomware / Vulnerability
Threat actors are exploiting a security vulnerability in the BioNTdrv.sys driver of Paragon Partition Manager in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities discovered by Microsoft, the CERT Coordination Center (CERT/CC) reports. “These include arbitrary kernel memory mapping and write vulnerabilities, a null pointer dereference, insecure kernel resource access, and an arbitrary memory vulnerability,” CERT/CC noted. In a hypothetical attack scenario, an adversary with local access to a Windows machine can exploit these flaws to…